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Data Protection System 



This invention concerns apparatus, methods and articles manufactured thereby 
for preventing theft of copyright material, particularly as recorded in digital 
form on carrier means such as optical disc media. In this description optical 
disc media is intended to include not only CDs, CD-ROMs and DVDs, but also 
similar media that may be read using electromagnetic radiation outside of the 
visible range; for example, infra-red, ultra-violet or X-rays. 

The advent of recordable CDs (CD-R) has made it generally easy and 
inexpensive to make unauthorised copies of Audio CDs and CD-ROMs; for 
example by copying the entire contents of a audio CD to a computer hard disc 
and then writing this to a CD-R. The potential loss of Revenue to recording 
companies from such activities is considerable, and indeed its impact has 
already been felt. Consequently, there has been much interest in techniques that 
prevent such unauthorised copying. 

US 5513260 (Ryan) and US 5659613 (Copeland) disclose a method of placing 
an authenticating signature on a legitimate copy that cannot easily be detected, 
and hence transferred to an illicit copy. New CD players would need a 
subsystem that searched for such a signature and if the signature should be 
tihere, but was not found, refuse to play the disc. 

US 20010054028 Al (Kuroda) describes the addition of copy control 
information to copyright material, such that when an attempt is made to copy 
this material usmg reproduction and recording apparatus according to the 
invention such copying is prevented, if appropriate, on the basis of the copy 
control and information and also attribution information generated by the 
reproduction apparatus. 



us 2002003880 Al (Kato) discloses a system where a recording of copyright 
material is encrypted and also has a digital watermark which is read by 
apparatus according to the invention, thereby allowing the replay apparatus to 
obtain a disk key and so decrypt the material. 

All of the above methods and systems suffer from the disadvantage that fliey do 
not prevent unauthorised copying of a CD and replay of that copy on most 
existing CD players; that is they require new players equipped with appropriate 
hardware. 

US 20020001690 Al (Selinfreund) discloses a method of manufacturing 
optical discs that includes areas on the disc with light-sensitive material. 
During the first pass of a conventional optical reader the digital information on 
such light sensitive areas is read correctly, but on a second pass the data is read 
differently due to the activation of the light sensitive material by the optical 
reader As most optical disc readers and players are pre-programmed to re- 
sample data areas to assure correct copying such discs will fail to copy 
correctly. While this method will work with many existing players, the 
inclusion of light sensitive areas at precise locations on liie disc is expected to 
significantly increase disc production costs, 

US 20010053979 Al (Kori) describes an encryption protection system that . 
encrypts copyright material, requiring the user to have the decrypting key, and 
also keeps a record of the number of copies made, so that a pre-determined 
limit can be placed on this. However, determined copyists can with sufficient 
effort break such a single or double key systems. Further, this system appears 
-unsuitable for replaying discs-in most currently available players,- 

An object of some aspects of the present invention is to provide improved 
methods of protecting copyright digital data recorded on a data storage 
medium, particularly optical discs such as CDs. It is a further object of some 



aspects of the inventioii to provide a method of producing optical discs that 
provide such improved protection. It is also an object of some aspects of the 
present invention to provide an optical disc with such improved protection. A 
further object of some aspects of the invention is to provide a system that is 
effective when used with most players and computers presently available. 

CD audio discs contain at least a first session formatted in compliance with the 
well known "Red Book", also known as standard 908 of the Intemational 
Electrotechnical Commission (lEQ entitled "Compact Disc Digital Audio 
System" (Geneva, Switzerland, 1987). 

According to one aspect of the invention slight deviations from strict "Red 
Book" compliance are introduced into this first session to prevent most CD- 
ROM drives reading the data. Thus, the first session on the disc will normally 
contain audio tracks. In the lead in area of flie disc, the Q-channel information 
contains the Table of Contents (TOC). Each audio track on the first session is 
described in the TOC including where the track is located on the disc and the 
type of track. In a conventional CD the tracks are described as audio tracks. In 
a disc according to the invention such audio tracks are described as data tracks 
in the TOC. A normal CD player does not reference this TOC but rather looks 
at Q-channel data in each sector within the session. This track area data is 
unaltered and conforms entirely to "Red Book" standard. Hence, such a disc 
will play normally in a standard "Red Book" audio CD player. However, when 
stfch a disc is read by a CD-ROM drive the drive will reference the TOC and 
will then recognise a discrepancy between the TOC data and that Q-channel 
data withm each sector of the track. This contradiction normaUy results in an 
"illegal mode for this track", that prevents the CD-ROM drive reading the 
track. 




SpecijBcally, the TOC describes the tracks in the audio session as data tracks, 

f 

control = 4 (0100 binary). Normally they would be described as audio tracks, 
control = 0 (0000 binary) (see "Red Book", p41). 

No amendments are made to the well known Cross Merleave Reed-Solomon 
Code (CIRC) error protection data on the protected disc. 

A further important aspect of the invention is tiie ability to play the optical disc 
on a computer. This is achieved by first compressing the audio tracks, then 
encrypting this data and recording this resulting data in a second session on to 
the optical disc, known as a data session. 

Por a CD this data is recorded in the following manner; the data is first split 
into logical block that will fit into a **Yellow Book" (lEC) standard CD sector 
(also known as a logical block). Each of these blocks is then encrypted using an 
encryption key derived jfrom its logical block address (LBA) or position on the 
CD. The diata resulting firom this' process is then written to the disc at this 
position (LBA) using conventional mastering and recording methods. This 
compressed audio data is not visible to the host computer under normal 
circumstances. The data is played on a personal computer, by including in this 
second session a "CD player application program" that is visible to the host 
computer. This player has built into it the ability to locate, decrypt and play the 
compressed and encrypted audio data. 

To enable protected discs to be played on computers using operating systems 
such as Windows 95, 98, NT-4, 2000ME, 2000 Professional, 2000 Server, 

2000 Server Professional, XP Home Edition, XP Professional, Linux 6,Z and 

higher, Apple Macintosh 0S9 and higher, Sun Unix OSS; hereafter referred to 
as PCs, at least one further data session is included on the disc. 
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This further session is located after the first «'Red Book" compUant session and 
conforms to the lEC 'bellow Book" standard and the lEC "Orange Book" 
standard for multi-sessions. This session contains the player application 
program and any associated files, which are visible to the computer operating 
system and also encrypted data files containing the audio tracks; these latter 
files not being visible to the computer operating system or playable, except by 
using the CD player appUcation program provided on the disc. 

Thus, when a protected disc is viewed by a PC file manager only the player 
appHcation program and any files directly associated with the program will be 
visible. 

Each sector on the disc normally contains 2048 bytes of consecutive encrypted 
digital data, each sector being encrypted with a different unlocking key. This 
block size is dictated by the "Yellow Book" standard, but in principle data may 
be encrypted using any convenient block size. Obviously using too large a 
block size is undesirable as it would result in less variation in the encryption, 
this should be avoided. The logical sector address (LBA) corresponding to the 
st^ of each audio track (LBA-tra) is known to the player application program 
this data being hidden within the player application program code or at a 
location on the disc known to the player application program , (hidden within 
the player code), if the data is located on the disc then the data will its self be 
encrypted, the mformation may also be spread over several consecutive or 
randomly addressed sectors. A particular audio track will normally comprise 
many thousand consecutive sectors on the disc. The audio data in each of these 
sectors will be encrypted with a different unlocking key. The player application 
program contains an algorithm for deriving this unique key firom the LBA 
corresponding to the start of each sector (LBA.sec). The skilled person will 
realize that this algorithm may take a variety of forms, as long as it generates a 
unique key from the LBA, Thus, when a track is selected the player appUcation 
program knows the LBA-tra, this is the same as LBA-sec for the first sector of 



the track and can derive tiie key jfrom lhat LBA-sec to allow data from that 
first sector to be decrypted. Having read the first sector the player application 
program knows that the next sector starts at the (LBA-sec) consecutive to the 
last LEA of the first sector. Knowing LBA-sec the player application program 
can use the said algorithm to derive the new key and so decrypt data in the 
second sector. In this way the player application program can decrypt 
consecutive sectors, each time deriving a new key. This is referred to below as 
a dynamic key code system. 

The dynamic key code system has a number of advantages over known 
systems. If an unauthorised copier discovers both the LBA-tra and the first key 
it only allows the first sector (block) of digital audio data to be recovered. The 
key to the next consecutive sector will normally be completely different. 
Further, if by some means the consecutive encrypted sectors corresponding to a 
audio track are copied, for example to a PC hard disc and flie player application 
program is run and directed to the first sector, it will generate wrong keys for 
each sector because ft would need to know original the LBA-sec of the copied 
material. The sectors occupied on the PC hard disc will almost certainly differ 
from those on the original disc. Hence, the copied material will not be 
decrypted by the player software. 

Prior to segmentation and encryption of the audio data, this data is preferably 
compressed using an appropriate compression algorithm. 

Preferably, a disc produced according to the invention contains hidden software 
that is activated when the PC operating system first accesses the storage 
. me.dium;.for..example-a CD, by. reading the directory table of contents data, - 
whereby a memory resident program, hereinafter called "the supervisory 
program" monitors access to the protected disc. When the disc is removed the 
supervisory program is removed from the memory of the PC. The supervisory 
program is also designed to monitor the activity of the disc, including disc 



speed, disc access type,(digital or audio) and also ensures reliable playback of 
the disc content. 

In order to be able to monitor the disc activity, the supervisory program must 
insert its self or part of its self into the operating systems driver chain. Also the 
supervisory program will be in communication with the player application 
program that is allowed to "Play" the disc. A driver chain is a computer 
operating system feature, where an appHcation will communicate with the top 
part of the chain. This top part of the chain will communicate witii the next 
layer down etc. Until finally the communication will reach, for example, the 
CD-ROM drive. Information from the CD-ROM drive will travel long the 
Cham in the opposite direction. This mechanism is in place in the operating 
system in order to present to an application program, a standard way of 
communicating with a large variety of hardware devices. 

The supervisory program inserts its self into this driver chain and can therefore 
monitor all communications from'-iSie apphcation program to the CD-ROM 
drive. The supervisory program can, for example calculate the average data 
transfer rate, the type of read operation that is being attempted etc, it also has 
the ability to identify tiie disc that is the target of this communication and as a 
result allow normal operation on a disc that is not protected by the system. 

If an operation that is not allowed is attempted then the supervisory program 
wiU simply not pass tiie communication on and will send a fictitious reply to 
the next higher part of the driver cham and therefore eventually to the 
application. It may for example chose to simply report an error to the 
application program or even supply blank or incorrect mformation. In this way 
any unauthorized access to a protected disc is blocked. 

Sstorage medium according to the invention is only designed to be accessed in 
one way by a PC; that is usmg the player appHcation program on the data 




session to read and decrypt data therein. If the disc is accessed in any other way 
the activity will be judged illegal and interventionary action will be taken by 
the supervisory program. Normally, the supervisory program will stop such 
activity and the disc will be ejected from the computer drive. This role of the 
supervisory program will not prevent the copying of an ordinary disc and will 
not interfere with flie general performance and/or activities of the computer. 

Thus, if an "illegal" activity such as the digital extraction of disc data to hard 
disk drive, is detected by the supervisory program that command will be 
blocked. Likewise, if the'player application program is not open, or is closed by 
the user while the disc is still in the CD-ROM drive then an eject command is 
sent to the drive. 

Access to the first session on the disc, by for example a CD copying utility, 
will not be allowed by the supervisory program which monitors the position of 
the read head and can thus identify if data other than session data is being 
accessed. 

If in the unlikely event that a disk copying utility is able to read the first (audio) 
session of the disc, then the supervisory program will not permit the digital 
extraction command used by ASPI, ATAPI and other disk command control 
drivers to be used. 

This method monitors the current average disc speed. If the average speed is 
outside given acceptable parameters then disc access is blocked. Speed 
monitoring is accomplished by the supervisory program. 

When a disc is being played in a PC using the player software the average 
playback speed of the disc will be very low, since compressed data is being 
read at real time. Typically data is compressed at a ratio of about 10 to 1, i.e. 
ten times smaller than the un compressed data; normal playback of the original 



data would result in a disc speed of one, therefore the average disc speed when 
playing the con5)ressed data over the same period of time will be about 1/10 
Speed in this case. 

Because the compressed data is read from the disc in blocks at a high speed 
(Burst speed), foUowed by a much longer period of inactivity, speed 
monitoring will need to measure the average disc speed. The burst speed could 
in fact be anything up to and including the maximum read speed of the disc, but 
for very short periods. So called "ripping software" typically will try to copy at 
the highest speed possible for a sustained period of time. If disc is moving at a 
high speed on average then access wiU be blocked (average speeds will need to 
be calculated over periods in the order of ten seconds). If player appUcation 
. program is not playing the disc then all access to the disc is blocked. 

The present invention requires special software to control the disc mastering 
machine or alternatively a CD-R, CD-RW, DVD-R or DVD-RW disc drive, 
"this will iDe referred to below a^'CD Producstion Software (or CDPS). I^e 
CDPS needs to pre-determine the LBA (LBA-tra and LBA-sec) of each sector 
of data corresponding to any data sessions on the disc. It then selects a 
particular algorithm and derives the unique encryption key for each sector. 
Following compression of flie audio files and division of the digital data into 
consecutive segments of audio data, each of these segments is encrypted within 
a data sector. Thus, when the master disc is produced each sector of data in the 
data session or sessions, is uniquely encrypted and placed at the predetermined 
LBA, so allowing the LBA-sec to be used by a player application program to 
decrypt and play that sector. 

The system of the invention also allows the algorithm that derives a key from a 
LBA-tra or LBA-sec to be varied if desired for each master disc produced. 
Advantageously, routine variations in the algorithm used for manufacturing a 
given master disc can result in completely different keys being derived for a 
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given LB A. The CDPS will modify the code of the player application program 
that is also placed on the disc so that it contains the correct algorithm; that is 
the algorithm used in the encryption step, thus allowing the player application 
program to decrypt the data session. . 



CLAIMS 



1. A method of manufacturing an optical disc for storing digital data 
comprising the steps of: (a) segmenting copyright material m digital form 
into consecutive segments (b) allocating each segment to a sector of the disc 
(c) pre-determining the position of each sector on the disc and using an 
algorithm to derive a unique encryption key for each sector according to the 
logical block address corresponding to the start of each sector (d) 
encrypting each sector using its unique key, and (d) writing the encrypted 
data sectors to a disc. 

2. Recorded material on an optical disc comprising digital data segmented into 
consecutive sectors each containing encrypted data, the data in each sector 
being encrypted using a unique key, the unique key for each sector being 
dependent upon the logical block address on the disc corresponding to the 

start of each sector. 

3. Optical disc player software containing embedded within its code the 
logical block address on the disc of the first sector corresponding to a file or 
track, decryption software operated by a key and an algorithm for 
determinmg the unique key for each sector from the logical block address 
corresponding to the start of that sector. 

4. ' A method of reading encrypting digital data from a disc comprising the 

steps of (a) decryptmg data in consecutive sectors each using a unique key 
(b) the unique key for each sector being dependent upon the logical block 
address on the disc corresponding to the start of that sector. 

5. A method of preventing a computer copying audio sessions on an optical 
disc including the steps of (a) describing the audio session as data tracks in 
the. Table of Contents contained within the Q-channel information in the 




. lead in area of the disc, (b) describing the audio session in the Q-channel 
data in each sector within the session as audio tracks. 

6. A method of monitoring whether a disc according to the invention is being 
accessed in an authorized way comprising the steps of (a) including 
software for a supervisory program on the said disc (b) activating this 
supervisory program when the computer operating system first accesses the 
disc, (b) insertion of all or part of the supervisory program into the 
operating systems driver chain that allows two way communication 
between an application program accessing the disc and the disc drive (d) 
using the supervisory program to monitor communications between the said 
application program and the disc drive. 

7. A method according to Claim 6 comprising (e) describing an audio session 
as data tracks ia the Table of Contents contained within the Q-channel 
information in the lead in area of the disc, (f) describing the audio session in 
the" Q-chanhel data in each sector within the sessioii as audio tracks. 

8. A method according to Claim 6 or 7 wherein any application attempting to 
access data other than the data session or sessions on the disc will be judged 
illegal and blocked by the supervisory program. 

9. A method according to any of Claims 6 to 8 whCTein any program other 
• than the player application program accessing flie disc will be judged illegal 

and blocked by the supervisory program. 

10. A . method according to any of . Claims 6 to 9 wherein the current average 
disc speed is monitored by the supervisory program and if this average 
speed does not fall within a range determined by the supervisory program 
blocking access of the application program to the disc by the supervisory 
program. 
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11. A method according to any of Claims 6 to 10 where access is blocked by 
the supervisory program not relaying the communication along the driver 
chain or relaying a fictitious communication. 

12. A method of manufacturing digital data storage medium comprising the 
steps of: (a) segmenting copyright material in digital form into consecutive 
segments (b) allocating each segment to a sector of the storage medium (c) 
pre-determining the position of each sector on the storage medium and 
using an algorithm to derive a unique encryption key for each sector 
according to the logical block address corresponding to the start of each 
sector (d) encrypting each sector using its vmique key, and (d) writing the 
encrypted data sectors to the said storage medium. 

13. A method of reading encrypting digital data from a storage medium 
comprising the steps of (a) decrypting data in consecutive sectors each 
using a unique key (b) the unique key for each sector being dependent upon 
the logical block address on the storage medium corresponding to the start 
of that sector. 

14. A method of monitoring whether a storage medium according to the 
invention is being accessed in an authorized way comprising the steps of (a) 
including software for a supervisory program on the storage medium (b) 

' activating this supervisory program when the computer operating system 
first accesses the storage medium, (b) insertion of all or part of the 
supervisory program into the operating systems driver chain that allows two 
way communication between an application program accessmg the storage 
medium and a storage medium read/write unit (d) using the supervisory 
program to monitor communications between the said application program 
and the storage medium read/write unit. 



Data Protection System 



A method of manufacturing digital data storage medium comprising the steps 
of: segmenting copyright material in digital form into consecutive segments, 
allocating each segment to a sector of the storage medium, pre-determining the 
position of each sector on the storage medium and using an algorithm to derive 
a unique encryption key for each sector according to the logical block address 
corresponding to liie start of each sector, encrypting each sector using its 
unique key, and writing the encrypted data sectors to the said storage medium. 



